Skillset

During the past few weeks, I repeatedly talked about virtual desktop infrastructures, or VDI, (XenDesktop, VDI-in-a-Box) its advantages, some of the technology involved, features and probably the most important one, use cases. Especially with Windows XP coming to an end, see my previous article on this and you’ll find it here, this might be a good time to rethink your alternatives when it comes to replacing your fat clients and accompanying back-end systems, or at least the way they’re currently used, you know what I mean right? That being said, there’s another concept I’d like to discuss since it’s closely related to VDI and could prove to be a valid solution for a great deal of use cases out there. I’m referring to DaaS, or, Desktop as a Service.

A general comparison

Let’s start with a comparison first. We all know VDI by now; Virtual Desktop Infrastructure (VDI), a desktop-centric service that hosts user desktop environments on remote servers, which are accessed over a network using a remote display protocol (RDP / ICA). A connection brokering service (a Remote Desktop Connection Broker or a XenDesktop Delivery Controller for example) is used to connect users to their assigned desktop sessions. It’s often confused with Remote Desktop Services (RDS), or Terminal Services, which might be better known by some, but there’s a distinct difference.

In short, VDI focuses on delivering a virtual machine based on a client operating system on a one to one basis, one VM per user. RDS on the other hand, offers a full desktop experience running on a single shared server operating system, one desktop shared by multiple users at the same time, also referred to as a Hosted Shared Desktop solution. So again, with VDI you’ll get your own client OS based virtual machine, where RDS can offer a (hosted) shared desktop or access to individual applications instead, meaning one application can be used by multiple users at the same time, just as with the (hosted) desktop solution, all made possible by the underlying RDS / Terminals Services technology.

Now for DaaS

DaaS is somewhere in between. It’s basically a VDI solution offered as a cloud service. In most cases the DaaS provider, hosting your desktops somewhere in the cloud, will typically take full responsibility for all hosting services and maintenance when it comes to the back-end infrastructure, including persistent and/or non-persistent storage, networking, remote access etc…

You also won’t need to worry about backups, monthly maintenance (think Microsoft patching for example) and/or application installs, unless you want to, of course. You’ll pay a fixed monthly fee per machine and the prize will vary depending on the type of machine you need. More memory, disk space and/or additional vCPU’s will mean the price goes up and vice versa. Here’s an example, price wise, of Amazon’s newly introduced WorkSpaces:

Unfortunately DaaS isn’t as straightforward as it may seem. Sure, you pay a monthly fee and you won’t have to worry about a thing, so to speak, but when it comes to the VDI comparison made earlier, there’s a bit more to it, let me try and explain. When we talk about VDI, as discussed earlier, we’re thinking virtual machines (client OS) on a one-on-one basis, meaning each user will get its own personal VM, right? And never mind if it’s persistent or not.

Before we continue, read this: It all comes down to licensing. This is what Microsoft has to say with regards to client operating systems on cloud hosting platforms: Multi-tenant hosting is restricted in the Product Use Rights of Windows Clients, such as Windows 7 or Windows 8. Windows Client Desktops are not available on either Windows Azure or on any other Service Provider such as Amazon or Rackspace. You can read more about the Microsoft Product Use Rightshere. No client OS based machines allowed, simple as that!

So how do all those Cloud DaaS hosting providers cope with this? Well… they don’t! It is the shortest but honest answer. There’s only one way around this (at least till Microsoft changes it licensing structure) and that’s using Microsoft’s server operating system instead, and this is exactly where a lot of the confusion starts.

The concept is simple, you run a Windows server OS on your back-end systems and start offering hosted shared desktops, using the well known RDS \ Terminal Services technology, to your customers. This is one way of doing it, and it’s used a lot! Next you throw in a feature like Desktop Experience and your users will get the look and feel of a Windows 7 desktop. A quote from Microsoft on this: The Desktop Experience feature allows you to install a variety of components and features that are provided in the Windows 7 operating system onto a computer that is running the Windows Server 2008 R2 operating system. After you install Desktop Experience, the Windows 7 components and features, such as Windows Media Player, will appear under All Programs on the Start menu.

The same can be done for Windows Server 2012 as well. Configure it this way and you’re basically good to go. Your users will think that they’re working on a fully featured Windows 7 (or Windows 8 for that matter) machine, while in fact, it’s the relatively simple hosted shared desktop principle instead. I’m sure that most users won’t notice, and even if they did, in most cases, they simple don’t care as long as their daily routines don’t get interrupted. Now don’t get me wrong, I’m not saying that this is a bad thing, it’s actually quite clever, to be honest, and cost effective as well. Besides, the technology involved has proven itself over and over again and is one of my personal favourites as well. For IT however, this might be a different story.

Don’t get confused

Don’t be fooled by smart marketing, they make it sound like you’re buying, or leasing a fully functional client OS based desktop on a one on one basis, and although, to the untrained eye, it looks like you’re presented with Windows 7, or whatever desktop, you’re not! Sure, if you read the product pages or license agreements, they’ll tell you it’s actually a Server OS being used, but still. Just make sure that your IT department is involved when you’re considering a solution like this, they’ll know what to look for. I’m mentioning this because there could be some valid reasons why you may need a one-on-one solution instead of a hosted shared one. I listed some below for example:

Because your users may need to install their own updates & applications;

Your users, for whatever reason, need to be able to modify specific system-level settings;

Perhaps in some cases (other than the above) administrative privileges are needed;

Certain users might need more processing power and memory than others, because of certain resource intensive applications they might use;

Dedicated / persistent storage might be needed.

Although some of the examples above might be possible on a hosted shared desktop environment as well, it isn’t the best practice and we could easily end up with more trouble than we can handle. Besides that, not all applications behave the way you’d expect if they’re developed with a Client OS in mind but are installed on a Server OS instead. Do you recognize any of the above? Then you’re probably better off by keeping these specific users on-premises since this is the only way we can deploy (legally) client OS based machine to our users. It’s always going to be a mix and match process. Or am I wrong?!

Back to VDI, again

There is a way in which Hosting Providers can offer VDI based DaaS using a server OS, that’s right, on a one-on-one basis just as with ‘normal’ VDI. I already mentioned Amazon and their WorkSpaces DaaS solution; it is big news within the ‘community’ and has been for weeks. And to be honest, it’s one of the main reasons why I wrote this article in the first place. I mean, it doesn’t happen every week that one of the largest cloud hosting companies in the world, or perhaps the largest, get’s involved in DaaS computing, it is trend setting, in way. It’s not that Amazon is presenting us with something completely new, not at all; it’s just that they’re Amazon, they’re big and they’re known, and that’s what matters.

In the case of Amazon’s WorkSpaces, it’s actually Windows Server 2008 R2 running in the background. I first thought that they applied the hosted shared desktop principle as discussed earlier, but I was wrong (thanksBrian). These are server based desktops offered on a one-to-one basis, one user per Windows server desktop. DaaS (VDI) based on a Windows server OS including persistent storage! Exactly what the doctor ordered! Unfortunately, this model isn’t applied very often, in most cases it isn’t very cost effective to offer DaaS this way, but I guess for Amazon, this isn’t that big of an issue. Of course, if for some reason your applications do have a specific need for a client OS, then this won’t work either, but it’s definitely a step in the right direction.

Windows Azure

Sort of similar to the above (although meant for a different use-case), a few months ago, Citrix together with Microsoft announced XenDesktop 7 on Azure integration with the following statement: With the introduction of Azure support for Remote Desktop Services Subscriber Access Licenses (RDS SALs) a broad set of opportunities to leverage Azure for hosted Windows desktops and applications begin to unfold. As a platform, Microsoft Azure provides a robust, state of the art infrastructure and global presence for enterprises and service providers. It is then followed by Citrix customers wanting to leverage public cloud infrastructure as a service in order to expand their own premise data center capabilities without investing in new capital resources that can now host virtual desktops based on XenDesktop 7 within Azure.

Again, making it sound like a client desktop OS solution, but it’s clearly not. In this case, it’s actually the Hosted Shared Desktop model being offered, with the single user server solution only used if there’s no other way. Have a lookhere, I wrote an extensive article on the subject. About a week ago, I had a good conversation with Citrix’s Kurt Moody regarding the matter; a few days later I wrotethis and it’s all water under the bridge now. My point is, it’s very easy to get mislead, or at least get confused by marketing statements like these.

Although the XenDesktop 7 on Azure design is meant as an on-premises extension for companies looking to expand their existing data center, without having to invest in a new hardware (of course that’s not the only advantage), the concept isn’t that different when you think about it. It’s still about hosting your desktops in the cloud, one way or the other. With Amazon’s WorkSpaces however, it’s all simplified, you don’t need to install and/or configure anything, no maintenance, management or backups etc… You just pick what you need, adjust as (and if) needed and you’re done. Also, you won’t have to make any upfront investments either, you just pay per use, so to speak, although this applies to Azure as well as mentioned above. Amazon will take care of the rest.

Flexibility

Solutions like WorkSpace aren’t for everyone. I can imagine that small(er) and mid-sized companies, ranging from 50 to several hundreds of users might be interested. Although you’re presented with multiple configurations to choose from, you’re still bound to what Amazon has to offer, this goes for management as well and could be a drawback for some. For example, if it’s Server 2012 that you want, at least for now, you’re out of luck. Note that you are able to install your own software (by IT) and you can use the licenses (your own) that go with it. Also, all other changes made by your users are persistent as well. See this Blog from Brian Madden on some of the features and possibilities that they offer, he asked them 50 questions and got 50 answers.

Although with Azure you’ll still need to build up, configure and manage the whole infrastructure yourself (this can be an advantage as well and you won’t have to invest in any hardware upfront) you do have the option to go with Windows Server 2012, or 2012 R2 even, if that’s what you need. A small advantage perhaps, I guess it all depends on the used case you’re presented with. Simply put, if it’s more flexible and/or manageable than you need, then WorkSpaces might not be the right solution for you, have a look at Azure, perhaps use Amazon Web Services in another way or just keep your data center on-premises instead and handle your own storage, user profiles, and folder redirection and so on.

Conclusion

This should give a good idea on how DaaS solutions work, or perhaps even more specific, how DaaS licensing works. Keep in mind that for now, I only briefly discussed Amazon WorkSpaces and Windows Azure, not only are they big, they also offer some specific services which helped in explaining some concepts. Just know that there are (much) more providers out there offering similar solutions, Citrix included, of course. Storage, user profile management and management capabilities in general, which we all haven’t really discussed up till now, will probably differ per provider, although not much, do make sure you know exactly what you’re getting yourself into before taking the leap.

Bas van Kaam has been part of the IT industry just short of 15 years now. He is currently employed as a Senior (Pre-Sales) Consultant / Engineer at Qwise, one of the leading SBC (Citrix) & Microsoft consultancy companies in the Netherlands. He is also the Citrix Product Lead for his company, a role from which he organizes and hosts technical sessions on a regular basis, advises his CTO and keeps in touch with other (pre) sales colleagues and third party partners. He is an enthusiastic Blogger and as such, loves to share knowledge. He specializes in Citrix technologies with a strong focus on (partly) designing, building, maintaining, troubleshooting and optimizing Microsoft & SBC oriented infrastructures for mid-sized companies. You’ll find Bas on www.basvankaam.com where he tries to share some of his knowledge.

About Intense

Intense School has been providing accelerated IT training and certification for over 12 years to more than 45,000 IT and Information Security professionals worldwide. Come see why we have the highest pass rates in the industry!

Join our newsletter

File download

First Name

Last Name

Work Phone Number

Work Email Address

Job Title

How will you fund your training?

Why Take This Training?

What is your timeline for training?

InfoSec institute respects your privacy and will never use your personal information for anything other than to notify you of your requested course pricing. We will never sell your information to third parties. You will not be spammed.

Comments

What is Skillset?

Skillset

Practice tests & assessments.

Practice for certification success with the Skillset library of over 100,000 practice test questions. We analyze your responses and can determine when you are ready to sit for the test. Along your journey to exam readiness, we will:

1. Determine which required skills your knowledge is sufficient
2. Which required skills you need to work on
3. Recommend specific skills to practice on next
4. Track your progress towards a certification exam